Protect User Data with N|Solid’s Redacted Snapshots

Data management and security are currently at the forefront of media attention. Software applications that accept and store user data are ubiquitous. How that data is handled “behind-the-scenes” is falling under heavy scrutiny as malicious attacks, undisclosed third-party access, and even activity by foreign agents make clear just how sensitive this user data is in the larger information ecosystem.

Personally identifiable information (PII) includes a wide range of data such as names, addresses, dates of birth, social security information, credit card and bank information, and in some cases data that could be used to obtain such information.

In the U.S., regulatory frameworks like HIPAA and PCI DSS help define standards for information security in specific industries (health and finance respectively). In the EU, an updated standard for information security known as the General Data Protection Regulation (GDPR) goes ‘live’ in May 2018, and affects companies both in and out of the EU.

As data breaches become more common, and increasingly target data-rich institutions that hold millions of users’ information, there is a regulatory trend to place a stronger burden on enterprise companies to proactively protect against data theft or face legal and financial penalties.

Because of this heightened public scrutiny over data management, it is more important than ever that enterprise companies actively maintain compliance with relevant regulatory frameworks, and are seen to prioritize the safety of their users’ data.

Protecting PII While Monitoring in Production

At NodeSource, we are committed to helping our customers achieve the highest possible value from our products. A large financial service company that uses our N|Solid platform found that V8 heap snapshots could not be used to profile their applications in production, because the snapshots created a potential point of vulnerability for their users’ PII.

The inspection and profiling tools that are part of the Node.js core do not provide a way to redact or otherwise obscure captured string information, so using them means potentially exposing PII. Existing tooling requires the creation of a snapshot file that may contain sensitive data, so even if you post-process the JSON file to remove that data, an interim artifact has already been created, and it can result in a data leak if lost or stolen.

To overcome these blockers, our N|Solid engineers developed a first-of-its-kind feature: Redacted Snapshots.

A Closer Look at Redacted Snapshots

To help our customers properly secure PII while generating heap snapshots with N|Solid, our engineers made sure that no sensitive data in a redacted snapshot is ever serialized, saved to disk, or sent over the network — in short, the PII is not at risk of interception.

Many of the current stratagems for protecting PII revolve around anonymization: attempting to ‘safeguard’ PII by removing any way of meaningfully connecting the data to an individual. While laudable in theory, in practice anonymized data can either be reverse-engineered or still contain enough ‘clues’ that are not directly considered PII but, when looked at in aggregate, can be just as powerful in personally identifying an individual and their private information. We avoided these weaknesses by deciding to completely remove all string-encoded information in the heap snapshot: any string-encoded information in the snapshot will read "(redacted)".

Currently, this feature is controlled by the N|Solid Runtime environment variable NSOLID_REDACT_SNAPSHOTS, which can be set to either true or false. This allows it to be configured on a per-environment basis, so you can redact only in your PII-sensitive environments.
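
A check that a snapshot really is redacted before it leaves a PII-sensitive environment, as an added example that is not NodeSource code. It assumes the standard V8 .heapsnapshot JSON layout (snapshot.meta.node_fields, nodes, strings) and that redaction applies to the values of string-typed nodes; the function name and both sample snapshots are constructed for illustration.

```javascript
// Added example (not NodeSource code): audit a parsed V8 .heapsnapshot object.
// Assumption: redaction replaces the value of every string-typed node with "(redacted)".
const REDACTED = "(redacted)";
const STRING_TYPES = new Set(["string", "concatenated string", "sliced string"]);

function findUnredactedStrings(snapshot) {
  const { node_fields: fields, node_types: types } = snapshot.snapshot.meta;
  const typeIdx = fields.indexOf("type");
  const nameIdx = fields.indexOf("name");
  const idIdx = fields.indexOf("id");
  if (typeIdx < 0 || nameIdx < 0 || idIdx < 0) {
    throw new Error("unexpected node_fields layout");
  }
  const typeNames = types[typeIdx]; // enum: numeric node type -> type name
  const leaks = [];
  // nodes is a flat array; each node occupies fields.length consecutive slots.
  for (let i = 0; i < snapshot.nodes.length; i += fields.length) {
    const type = typeNames[snapshot.nodes[i + typeIdx]];
    if (!STRING_TYPES.has(type)) continue;
    const value = snapshot.strings[snapshot.nodes[i + nameIdx]];
    if (value !== REDACTED) {
      // Report id and length only, so the audit output never repeats the value.
      const length = typeof value === "string" ? value.length : null;
      leaks.push({ nodeId: snapshot.nodes[i + idIdx], type, length });
    }
  }
  return leaks;
}

// Constructed samples: one object node followed by two string-typed nodes.
function makeSample(nodes, strings) {
  const nodeTypes = ["hidden", "array", "string", "object", "code", "closure", "regexp",
    "number", "native", "synthetic", "concatenated string", "sliced string"];
  return {
    snapshot: { meta: {
      node_fields: ["type", "name", "id", "self_size", "edge_count"],
      node_types: [nodeTypes, "string", "number", "number", "number"],
    } },
    nodes,
    strings,
  };
}
const REDACTED_SAMPLE = makeSample(
  [3, 1, 1, 24, 0, 2, 2, 3, 32, 0, 10, 2, 5, 40, 0],
  ["", "Object", REDACTED]);
const LEAKY_SAMPLE = makeSample(
  [3, 1, 1, 24, 0, 2, 3, 3, 32, 0, 11, 2, 5, 16, 0],
  ["", "Object", REDACTED, "jane.doe@example.com"]);
console.log(findUnredactedStrings(LEAKY_SAMPLE));
```

In a pipeline, pass the function the result of JSON.parse on the snapshot file and fail the upload step when the returned array is not empty.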

New to N|Solid?

If you’ve never tried N|Solid, now's a great time to give it a shot. N|Solid is a drop-in replacement for the Node.js runtime that has been enhanced to address the needs of the Enterprise. N|Solid provides meaningful insights into the runtime process, including application performance and known vulnerability monitoring.